def prepare_deployment_account()

in src/lambda_codebase/initial_commit/bootstrap_repository/adf-build/main.py [0:0]


def prepare_deployment_account(sts, deployment_account_id, config):
    """
    Ensures configuration is up to date on the deployment account
    and returns the role that can be assumed by the master account
    to access the deployment account
    """
    deployment_account_role = sts.assume_cross_account_role(
        f'arn:{PARTITION}:iam::{deployment_account_id}:role/'
        f'{config.cross_account_access_role}',
        'master'
    )
    for region in list(
            set([config.deployment_account_region] + config.target_regions)):
        deployment_account_parameter_store = ParameterStore(
            region,
            deployment_account_role
        )
        deployment_account_parameter_store.put_parameter(
            'organization_id', os.environ["ORGANIZATION_ID"]
        )

    deployment_account_parameter_store = ParameterStore(
        config.deployment_account_region,
        deployment_account_role
    )
    deployment_account_parameter_store.put_parameter(
        'adf_version', ADF_VERSION
    )
    deployment_account_parameter_store.put_parameter(
        'adf_log_level', ADF_LOG_LEVEL
    )
    deployment_account_parameter_store.put_parameter(
        'deployment_account_bucket', DEPLOYMENT_ACCOUNT_S3_BUCKET_NAME
    )
    deployment_account_parameter_store.put_parameter(
        'default_scm_branch',
        config.config.get('scm', {}).get(
            'default-scm-branch',
            ADF_DEFAULT_SCM_FALLBACK_BRANCH,
        )
    )
    auto_create_repositories = config.config.get(
        'scm', {}).get('auto-create-repositories')
    if auto_create_repositories is not None:
        deployment_account_parameter_store.put_parameter(
            'auto_create_repositories', str(auto_create_repositories)
        )
    if '@' not in config.notification_endpoint:
        config.notification_channel = config.notification_endpoint
        config.notification_endpoint = (
            f"arn:{PARTITION}:lambda:{config.deployment_account_region}:"
            f"{deployment_account_id}:function:SendSlackNotification"
        )
    for item in (
            'cross_account_access_role',
            'notification_type',
            'notification_endpoint',
            'notification_channel'
    ):
        if getattr(config, item) is not None:
            deployment_account_parameter_store.put_parameter(
                '/notification_endpoint/main' if item == 'notification_channel' else item,
                str(getattr(config, item))
            )

    return deployment_account_role